OnePlus-API

Sleeping

App Files Files Community

rairo commited on 22 days ago

Commit

e8ed341

verified ·

1 Parent(s): ffd6cda

Update main.py

Browse files

Files changed (1) hide show

main.py +177 -13

main.py CHANGED Viewed

@@ -175,14 +175,46 @@ def extract_json_from_text(text: str):
 def require_role(uid: str, allowed_roles: list[str]) -> dict:
     """
     Reads user profile and checks role.
-    Returns user_data if ok, else raises PermissionError.
     """
-    user_data = db_ref.child(f"users/{uid}").get() or {}
     role = (user_data.get("role") or "").lower().strip()
     if role not in allowed_roles:
-        raise PermissionError(f"Role '{role}' not allowed.")
     return user_data
 def push_notification(to_uid: str, notif_type: str, title: str, body: str, meta: dict | None = None):
     """
     In-app notification stored in RTDB:
@@ -298,10 +330,16 @@ def social_signin():
     try:
         fb_user = auth.get_user(uid)
         if user_data:
-            # backfill displayName if missing
             if not user_data.get("displayName") and fb_user.display_name:
-                user_ref.update({"displayName": fb_user.display_name})
                 user_data = user_ref.get()
             return jsonify({"uid": uid, **(user_data or {})}), 200
@@ -322,16 +360,117 @@ def social_signin():
         logger.error(f"social_signin failed: {e}")
         return jsonify({"error": f"Failed to create user profile: {str(e)}"}), 500
 @app.route("/api/user/profile", methods=["GET"])
 def get_user_profile():
     uid = verify_token(request.headers.get("Authorization"))
     if not uid:
         return jsonify({"error": "Invalid or expired token"}), 401
-    user_data = db_ref.child(f"users/{uid}").get()
-    if not user_data:
-        return jsonify({"error": "User not found"}), 404
-    return jsonify({"uid": uid, **user_data}), 200
 @app.route("/api/user/profile", methods=["PUT"])
 def update_user_profile():
@@ -339,6 +478,13 @@ def update_user_profile():
     if not uid:
         return jsonify({"error": "Invalid or expired token"}), 401
     data = request.get_json() or {}
     allowed = {}
@@ -348,11 +494,15 @@ def update_user_profile():
             allowed[key] = data.get(key)
     # Role-specific (tasker)
-    # (customer can send them too, but we’ll store; frontend decides)
     for key in ["skills", "categories", "bio", "serviceRadiusKm", "baseRate", "profilePhotoUrl", "availability"]:
         if key in data:
             allowed[key] = data.get(key)
     if not allowed:
         return jsonify({"error": "No valid fields provided"}), 400
@@ -511,7 +661,20 @@ def create_task():
         return jsonify({"error": "Unauthorized"}), 401
     try:
-        user = require_role(uid, ["customer", "admin"])  # customers create tasks (admin can for testing)
         # multipart
         category = request.form.get("category", "").strip()
@@ -558,7 +721,7 @@ def create_task():
         task_payload = {
             "taskId": task_id,
             "createdBy": uid,
-            "createdByName": user.get("displayName") or "",
             "createdAt": created_at,
             "category": category,
@@ -588,7 +751,8 @@ def create_task():
         return jsonify({"success": True, "task": task_payload}), 201
     except PermissionError as e:
-        return jsonify({"error": str(e)}), 403
     except Exception as e:
         logger.error(f"[CREATE TASK] Error: {e}")
         logger.error(traceback.format_exc())

 def require_role(uid: str, allowed_roles: list[str]) -> dict:
     """
     Reads user profile and checks role.
+    Returns user_data if ok, else raises PermissionError with a clear message.
     """
+    user_data = db_ref.child(f"users/{uid}").get()
+    if not user_data:
+        raise PermissionError(
+            f"User profile missing in RTDB at /users/{uid}. "
+            f"Call /api/auth/social-signin (or /api/auth/signup) once after login to bootstrap the profile."
+        )
     role = (user_data.get("role") or "").lower().strip()
     if role not in allowed_roles:
+        raise PermissionError(f"Role '{role}' not allowed. Allowed roles: {allowed_roles}")
     return user_data
+def get_or_create_profile(uid: str) -> dict:
+    """
+    Ensures /users/{uid} exists in RTDB for any authenticated user.
+    - If missing, bootstraps from Firebase Auth and defaults role to 'customer'.
+    """
+    ref = db_ref.child(f"users/{uid}")
+    user_data = ref.get()
+    if user_data:
+        return user_data
+    fb_user = auth.get_user(uid)
+    new_user_data = {
+        "email": fb_user.email or "",
+        "displayName": fb_user.display_name or "",
+        "phone": "",
+        "city": "",
+        "role": "customer",   # safe default so task posting works out-of-the-box
+        "is_admin": False,
+        "createdAt": now_iso()
+    }
+    ref.set(new_user_data)
+    return new_user_data
 def push_notification(to_uid: str, notif_type: str, title: str, body: str, meta: dict | None = None):
     """
     In-app notification stored in RTDB:
     try:
         fb_user = auth.get_user(uid)
+        # ---- NEW: If user record exists but missing role, default safely
         if user_data:
+            patch = {}
             if not user_data.get("displayName") and fb_user.display_name:
+                patch["displayName"] = fb_user.display_name
+            if not (user_data.get("role") or "").strip():
+                patch["role"] = "customer"
+            if patch:
+                user_ref.update(patch)
                 user_data = user_ref.get()
             return jsonify({"uid": uid, **(user_data or {})}), 200
         logger.error(f"social_signin failed: {e}")
         return jsonify({"error": f"Failed to create user profile: {str(e)}"}), 500
+@app.route("/api/auth/set-role", methods=["POST"])
+def set_role_after_social_signin():
+    """
+    Set role after first social sign-in (or first time profile is missing).
+    Allowed transitions:
+      - missing profile -> bootstrap -> set role
+      - role missing/empty -> set role (customer|tasker)
+      - customer -> tasker (one-way upgrade ONCE)
+      - tasker -> customer (BLOCK)
+      - same role -> idempotent 200
+    Responses:
+      - 401 invalid token
+      - 400 invalid role
+      - 409 blocked role change
+      - 200 success (profile returned)
+    """
+    uid = verify_token(request.headers.get("Authorization"))
+    if not uid:
+        return jsonify({"error": "Invalid or expired token"}), 401
+    data = request.get_json() or {}
+    requested_role = (data.get("role") or "").lower().strip()
+    if requested_role not in ["customer", "tasker"]:
+        return jsonify({"error": "Invalid role. Use customer or tasker."}), 400
+    try:
+        user_ref = db_ref.child(f"users/{uid}")
+        user_data = user_ref.get()
+        # Bootstrap if missing
+        if not user_data:
+            fb_user = auth.get_user(uid)
+            user_data = {
+                "email": fb_user.email or "",
+                "displayName": fb_user.display_name or "",
+                "phone": "",
+                "city": "",
+                "role": "",  # intentionally empty so user must choose
+                "is_admin": False,
+                "createdAt": now_iso(),
+            }
+            user_ref.set(user_data)
+        current_role = (user_data.get("role") or "").lower().strip()
+        # Idempotent: already same role
+        if current_role and current_role == requested_role:
+            updated = user_ref.get() or {}
+            return jsonify({"success": True, "uid": uid, "profile": updated, "note": "role unchanged"}), 200
+        # If role is empty/missing -> allow setting
+        if not current_role:
+            patch = {
+                "role": requested_role,
+                "roleSetAt": now_iso(),
+                "updatedAt": now_iso(),
+            }
+            user_ref.update(patch)
+            updated = user_ref.get() or {}
+            return jsonify({"success": True, "uid": uid, "profile": updated}), 200
+        # One-way upgrade: customer -> tasker (allow ONCE)
+        if current_role == "customer" and requested_role == "tasker":
+            # If you want to allow this only once, the existence of roleUpgradedAt is enough
+            if (user_data.get("roleUpgradedAt") or "").strip():
+                return jsonify({
+                    "error": "Role change blocked",
+                    "reason": "Customer -> Tasker upgrade already used. Role flipping is not allowed.",
+                    "currentRole": current_role,
+                    "requestedRole": requested_role
+                }), 409
+            patch = {
+                "role": "tasker",
+                "roleUpgradedAt": now_iso(),
+                "updatedAt": now_iso(),
+            }
+            user_ref.update(patch)
+            updated = user_ref.get() or {}
+            return jsonify({"success": True, "uid": uid, "profile": updated, "note": "upgraded customer -> tasker"}), 200
+        # Block any other change (tasker->customer or any flip)
+        return jsonify({
+            "error": "Role change blocked",
+            "reason": "Role flipping is not allowed.",
+            "currentRole": current_role,
+            "requestedRole": requested_role
+        }), 409
+    except Exception as e:
+        logger.error(f"[SET ROLE] failed: {e}")
+        logger.error(traceback.format_exc())
+        return jsonify({"error": "Internal server error"}), 500
 @app.route("/api/user/profile", methods=["GET"])
 def get_user_profile():
     uid = verify_token(request.headers.get("Authorization"))
     if not uid:
         return jsonify({"error": "Invalid or expired token"}), 401
+    # ---- NEW: auto-bootstrap profile so profile fetch never mysteriously 404s
+    try:
+        user_data = get_or_create_profile(uid)
+        return jsonify({"uid": uid, **user_data}), 200
+    except Exception as e:
+        logger.error(f"get_user_profile failed: {e}")
+        return jsonify({"error": "Failed to load profile"}), 500
 @app.route("/api/user/profile", methods=["PUT"])
 def update_user_profile():
     if not uid:
         return jsonify({"error": "Invalid or expired token"}), 401
+    # ---- NEW: ensure profile exists before update
+    try:
+        _ = get_or_create_profile(uid)
+    except Exception as e:
+        logger.error(f"update_user_profile bootstrap failed: {e}")
+        return jsonify({"error": "Failed to bootstrap profile"}), 500
     data = request.get_json() or {}
     allowed = {}
             allowed[key] = data.get(key)
     # Role-specific (tasker)
     for key in ["skills", "categories", "bio", "serviceRadiusKm", "baseRate", "profilePhotoUrl", "availability"]:
         if key in data:
             allowed[key] = data.get(key)
+    # ---- NEW: allow role updates ONLY if explicitly permitted (optional safeguard)
+    # If you don't want clients to ever change role, leave this out entirely.
+    # if "role" in data:
+    #     return jsonify({"error": "Role cannot be updated from client"}), 400
     if not allowed:
         return jsonify({"error": "No valid fields provided"}), 400
         return jsonify({"error": "Unauthorized"}), 401
     try:
+        # ---- NEW: Always ensure RTDB profile exists (prevents 403 due to missing /users/{uid})
+        profile = get_or_create_profile(uid)
+        # ---- NEW: role gate with explicit, debuggable response
+        role = (profile.get("role") or "").lower().strip()
+        if role not in ["customer", "admin"]:
+            return jsonify({
+                "error": "Forbidden",
+                "reason": f"Role '{role}' not allowed to create tasks. Must be customer (or admin).",
+                "uid": uid
+            }), 403
+        # ---- NEW: helpful logs for production debugging
+        logger.info(f"[CREATE TASK] uid={uid} role={role} email={profile.get('email')}")
         # multipart
         category = request.form.get("category", "").strip()
         task_payload = {
             "taskId": task_id,
             "createdBy": uid,
+            "createdByName": profile.get("displayName") or "",
             "createdAt": created_at,
             "category": category,
         return jsonify({"success": True, "task": task_payload}), 201
     except PermissionError as e:
+        # Keep PermissionError mapping, but now it will be far more informative when it happens
+        return jsonify({"error": "Forbidden", "reason": str(e)}), 403
     except Exception as e:
         logger.error(f"[CREATE TASK] Error: {e}")
         logger.error(traceback.format_exc())